Pr 12724#12898
Draft
cdrini wants to merge 7 commits into
Draft
Conversation
The global setup_requests() approach (HTTP_PROXY env vars, no auth)
is insufficient for services that require per-service proxy credentials.
Adds get_proxy_params(service_tag) to utils.py: reads from a new
http_proxies config section (url/user/password per service) and returns
a requests-compatible proxies dict with credentials embedded in the URL,
or None to fall through to the global env var default.
Updates recaptcha to pass proxies=get_proxy_params("recaptcha") so
that service-specific proxy auth is used when configured.
Updates affiliate_server load_config to read amazon proxy settings
from http_proxies.amazon, falling back to the legacy http_proxy /
http_proxy_creds flat keys for backward compatibility.
Documents the new config section in conf/openlibrary.yml.
Closes internetarchive#12715
[pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
URL-encode user and password before embedding in the proxy netloc so special characters (@ : % etc.) don't break the URL. Also relax the auth guard to inject credentials whenever user is set, even when password is empty. Adds TestGetProxyParams unit tests covering: no config → None, unknown service → None, url-only, url+auth, and special-char encoding. [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci
OAuth2TokenManager.refresh_token() calls bare requests.post(), which reads HTTP_PROXY from the environment. After the per-service proxy config lands (http_proxy = bare squid URL, http_proxies.amazon = creds), that env var no longer carries auth → Amazon token endpoint returns 403. Inject a _ProxyAwareTokenManager subclass into the SDK's ApiClient when proxy_creds are present. The subclass overrides refresh_token() to use a requests.Session with the authenticated proxy URL embedded directly, bypassing env-var lookup entirely. The existing rest_client injection (urllib3 / RESTClientObject) already handles all other API calls; this commit covers the one OAuth path that goes through requests directly.
for more information, see https://pre-commit.ci
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #
Technical
Testing
Screenshot
Stakeholders